Many employees
would be much more careful if they saw how easy it is to read
what they type in their IM sessions (see Figure 1-2); the traf?¬?c
generated by a browser is possibly even easier to read.
The class of attacks that can be performed on the information in
transit is known as man-in-the-middle. The literature on the
subject often explains the scheme with the help of an example
involving three characters: Alice wants to send a secret message
Reading data
packets in transit
is easier than
most think
Figure 1-2 A network trace of IM traf?¬?c
In the man-in-themiddle
attack, an
aggressor intercepts
communications
between two other
parties
The Advent of Pro?¬?table Digital Crime 23
to Bob, and Eve wants to know the content of such a message.
In our context, Alice sends her message using a browser, Bob is
a website (say our home-banking system), and Eve is the criminal
(or criminal organization) that wants to steal Alice??™s data.
Literally anybody with access rights on any computer on the
path between Alice and Bob can play Eve??™s role. The computers
of colleagues in the same room, or even on the same ?¬‚oor, will
often be connected to the same networking devices.
Pages:
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64